Technology Risk & Compliance Manager

About us

Longbridge is a new-generation, AI-driven online brokerage on a mission to make investing smarter, simpler, and more accessible for everyone. Headquartered in Singapore, we are redefining the investment journey by connecting the stages of "Discovery → Learning → Trading." With our proprietary AI assistant, Longbridge AI, and a cloud-native infrastructure, we provide retail investors with institutional-grade insights and a seamless global trading network. At Longbridge, you won’t just be working for a brokerage; you’ll be building the future of financial infrastructure.

We are looking for a Technology Risk&Compliance Manager to oversee technology risk governance and regulatory compliance for our Singapore operations.

This role will act as the key point of contact with the Monetary Authority of Singapore (MAS) on Technology Risk Management (TRM) and cybersecurity matters, ensuring the company maintains a robust technology control environment in line with MAS regulatory expectations.

Key Responsibilities:

• Lead regulatory engagements related to MAS Technology Risk Management (TRM), Cyber Hygiene, operational resilience, and cybersecurity reviews
• Manage responses to MAS inspections, self-assessments, thematic reviews, and regulatory questionnaires
• Interpret and implement MAS regulatory requirements, including: MAS TRM Guidelines,MAS Notice on Cyber Hygiene,MAS Outsourcing Guidelines, MAS Notices 644 / 655
• Work closely with Engineering, Infrastructure, Cybersecurity, Compliance, Legal, and business teams to implement remediation and strengthen technology controls
• Develop and maintain technology governance frameworks, policies, and procedures, including: Information Security,Incident Response,Business Continuity Management, Outsourcing Risk Management,Cloud Governance
• Coordinate technology incident escalation and regulatory reporting to MAS
• Conduct technology and cybersecurity risk assessments for third-party vendors and cloud providers
• Support internal audit reviews and external assurance programs, including SOC2 and ISO27001 assessments
• Provide regular reporting to senior management on technology risk posture and remediation progress

Requirements:

• Bachelor’s degree in Information Security, Computer Science, Information Systems, Risk Management, or a related discipline
• 5–8+ years of relevant experience in Technology Risk, IT Risk Management, Cybersecurity Governance, Technology Compliance, IT Audit, or Operational Risk within: Securities brokerages, Investment Banks, FinTech companies, Asset management firms, Digital asset / virtual asset platforms, etc. Prior Big 4 advisory or consulting experience is required.
• Strong understanding of SFC and/or MAS technology risk and cybersecurity regulatory frameworks
• Hands-on experience supporting regulatory inspections, audits, remediation programs, or control enhancement initiatives
• Good understanding of core technology control domains, including: Identity & access management, Change Management,Vulnerability management, Incident response, Cloud security,Data protection and privacy,Operational resilience and disaster recovery
• Experience working with cloud environments, outsourced technology services, and modern infrastructure platforms is highly preferred
• Relevant certifications such as CISA, CISSP, CRISC, or CISM are advantageous
• Strong project management and stakeholder management capabilities, with the ability to engage effectively across both technical and non-technical teams
• Bilingual in English and Chinese (desired but not a must) to communicate with internal & external stakeholder across the region.